PostgreSQL과 함께 제공되는 기본 사용자 및 역할 외에도 다른 PostgreSQL 사용자 또는 역할을 만들 수 있습니다. 이러한 사용자는 postgres 사용자와 동일한 권한 집합(CREATE ROLE, CREATEDB, LOGIN)을 가집니다. 이러한 권한에 대한 자세한 내용은 CREATE ROLE을 참고하세요.
ALTER ROLE 명령어를 사용하여 모든 사용자의 권한을 변경할 수 있습니다. psql 클라이언트에 새 사용자를 만들 경우 해당 사용자에 다른 역할을 연결하거나 다른 권한을 할당할 수 있습니다.
시작하기 전에
PostgreSQL 명령어를 사용하여 클러스터의 사용자를 관리하려면 다음이 필요합니다.
psql 클라이언트 액세스
postgres 데이터베이스 사용자 또는 적절한 관리 권한이 있는 다른 사용자에 대한 액세스 권한
데이터베이스 사용자를 만듭니다.
사용자 이름과 비밀번호를 사용하여 데이터베이스를 직접 인증하는 데이터베이스 사용자(기본 제공 인증이라고도 함)를 만들려면 다음 명령어를 사용하세요.
CREATEUSERUSERNAMEWITHPASSWORD'PASSWORD';
다음을 바꿉니다.
USERNAME: 사용자 역할의 사용자 이름입니다.
PASSWORD: 사용자 역할에 할당할 새 비밀번호입니다.
데이터베이스 사용자를 만들고 정의하는 방법에 관한 자세한 내용은 CREATE
USER을 참고하세요.
사용자 또는 역할을 만든 후 psql 클라이언트에서 ALTER
ROLE 명령어를 사용하여 권한을 변경할 수 있습니다.
데이터베이스 사용자에게 역할 부여
데이터베이스 사용자에게 역할을 부여하려면 다음 명령어를 사용합니다.
GRANTROLEtoUSERNAME;
다음을 바꿉니다.
ROLE: 데이터베이스 사용자에게 부여할 역할입니다.
PASSWORD: 사용자 역할에 할당할 새 비밀번호입니다.
사용자에게 슈퍼 사용자 권한을 부여하려면 해당 사용자에게 alloydbsuperuser 역할을 부여합니다.
데이터베이스 사용자의 비밀번호 변경
표준 PostgreSQL 데이터베이스 사용자의 새 비밀번호를 설정하려면 다음 명령어를 사용하세요.
[[["이해하기 쉬움","easyToUnderstand","thumb-up"],["문제가 해결됨","solvedMyProblem","thumb-up"],["기타","otherUp","thumb-up"]],[["이해하기 어려움","hardToUnderstand","thumb-down"],["잘못된 정보 또는 샘플 코드","incorrectInformationOrSampleCode","thumb-down"],["필요한 정보/샘플이 없음","missingTheInformationSamplesINeed","thumb-down"],["번역 문제","translationIssue","thumb-down"],["기타","otherDown","thumb-down"]],["최종 업데이트: 2025-09-04(UTC)"],[[["\u003cp\u003eThis guide details how to create and manage users and roles within AlloyDB Omni, extending beyond the default PostgreSQL settings.\u003c/p\u003e\n"],["\u003cp\u003eNew PostgreSQL users can be created with privileges such as \u003ccode\u003eCREATE ROLE\u003c/code\u003e, \u003ccode\u003eCREATEDB\u003c/code\u003e, and \u003ccode\u003eLOGIN\u003c/code\u003e, mirroring the \u003ccode\u003epostgres\u003c/code\u003e user's capabilities.\u003c/p\u003e\n"],["\u003cp\u003eUser privileges can be modified with \u003ccode\u003eALTER ROLE\u003c/code\u003e, passwords can be changed with \u003ccode\u003eALTER USER\u003c/code\u003e, roles can be granted with \u003ccode\u003eGRANT\u003c/code\u003e, and revoked with \u003ccode\u003eREVOKE\u003c/code\u003e using \u003ccode\u003epsql\u003c/code\u003e client commands.\u003c/p\u003e\n"],["\u003cp\u003eDatabase users can be created for direct authentication using usernames and passwords or through Identity and Access Management.\u003c/p\u003e\n"],["\u003cp\u003eTo delete a user, any objects owned by the user must be dropped or reassigned, and any granted privileges must be revoked before using the \u003ccode\u003eDROP ROLE\u003c/code\u003e command.\u003c/p\u003e\n"]]],[],null,["# Manage AlloyDB Omni users and roles\n\nSelect a documentation version: 15.7.1keyboard_arrow_down\n\n- [Current (16.8.0)](/alloydb/omni/current/docs/database-users/manage-users)\n- [16.8.0](/alloydb/omni/16.8.0/docs/database-users/manage-users)\n- [16.3.0](/alloydb/omni/16.3.0/docs/database-users/manage-users)\n- [15.12.0](/alloydb/omni/15.12.0/docs/database-users/manage-users)\n- [15.7.1](/alloydb/omni/15.7.1/docs/database-users/manage-users)\n- [15.7.0](/alloydb/omni/15.7.0/docs/database-users/manage-users)\n\n\u003cbr /\u003e\n\nThis page describes how to create and manage AlloyDB Omni users and roles.\n\n\u003cbr /\u003e\n\nIn addition to the default users and roles that come with PostgreSQL, you can create other PostgreSQL users or roles. These users have the same set of\nprivileges as the `postgres` user:\n`CREATE ROLE`,\n`CREATEDB`, and `LOGIN`. For more information about these\nprivileges, see [`CREATE ROLE`](https://www.postgresql.org/docs/15/sql-createrole.html).\n\nYou can change the privileges of any user by using the [`ALTER ROLE`](https://www.postgresql.org/docs/15/sql-alterrole.html) command. If you create a new user with the `psql` client, you can\nchoose to associate it with a different role, or assign different privileges.\n\nBefore you begin\n----------------\n\nTo use PostgreSQL commands to manage users on a cluster, you need the following:\n\n- Access to the `psql` client\n- Access to the `postgres` database user, or another user with the appropriate administrative privileges\n\nCreate a database user\n----------------------\n\nTo create a database user that authenticates with the database directly using\na username and password---also known as *built-in authentication*--- use the following command: \n\n CREATE USER \u003cvar translate=\"no\"\u003e\u003cspan class=\"devsite-syntax-n\"\u003eUSERNAME\u003c/span\u003e\u003c/var\u003e WITH PASSWORD '\u003cvar translate=\"no\"\u003ePASSWORD\u003c/var\u003e';\n\nReplace the following:\n\n- \u003cvar translate=\"no\"\u003eUSERNAME\u003c/var\u003e: The user role's username.\n\n- \u003cvar translate=\"no\"\u003ePASSWORD\u003c/var\u003e: The new password to assign to the\n user role.\n\nFor more information about how to create and define database users, see [`CREATE\nUSER`](https://www.postgresql.org/docs/15/sql-createuser.html).\n\nAfter you create a user or a role, you can change its privileges by using the [`ALTER\nROLE`](https://www.postgresql.org/docs/15/sql-alterrole.html) command\nin the `psql` client.\n\nGrant roles to a database user\n------------------------------\n\nTo grant roles to a database user, use the following command: \n\n GRANT \u003cvar translate=\"no\"\u003e\u003cspan class=\"devsite-syntax-k\"\u003eROLE\u003c/span\u003e\u003c/var\u003e to \u003cvar translate=\"no\"\u003e\u003cspan class=\"devsite-syntax-n\"\u003eUSERNAME\u003c/span\u003e\u003c/var\u003e;\n\nReplace the following:\n\n- \u003cvar translate=\"no\"\u003eROLE\u003c/var\u003e: The role to grant to the database user.\n\n- \u003cvar translate=\"no\"\u003ePASSWORD\u003c/var\u003e: The new password to assign to the\n user role.\n\nTo give a user superuser privileges, grant that user the `alloydbsuperuser` role.\n\nChange the password of a database user\n--------------------------------------\n\nTo set a new password for a standard PostgreSQL database user, use the following command: \n\n ALTER USER \u003cvar translate=\"no\"\u003e\u003cspan class=\"devsite-syntax-n\"\u003eUSERNAME\u003c/span\u003e\u003c/var\u003e WITH PASSWORD '\u003cvar translate=\"no\"\u003ePASSWORD\u003c/var\u003e';\n\nReplace the following:\n\n- \u003cvar translate=\"no\"\u003eUSERNAME\u003c/var\u003e: The database user's username.\n\n- \u003cvar translate=\"no\"\u003ePASSWORD\u003c/var\u003e: The new password to assign to the\n user role.\n\nFor more information about changing a user's password, see [`ALTER ROLE`](https://www.postgresql.org/docs/15/sql-alterrole.html).\n\nRevoke a role from a database user\n----------------------------------\n\nTo revoke a previously granted privilege from one or more roles, or to revoke a\nuser's membership in a role, use the following command: \n\n REVOKE \u003cvar translate=\"no\"\u003e\u003cspan class=\"devsite-syntax-k\"\u003eROLE\u003c/span\u003e\u003c/var\u003e FROM \u003cvar translate=\"no\"\u003e\u003cspan class=\"devsite-syntax-n\"\u003eUSERNAME\u003c/span\u003e\u003c/var\u003e;\n\nTo remove a user's superuser privileges, revoke the `alloydbsuperuser` role\nfrom that user.\n\nView a list of database users\n-----------------------------\n\nTo view a table of all database users and their group memberships, use the following command: \n\n \\du\n\nDelete a database user\n----------------------\n\nBefore deleting a user, you must drop all the objects it owns or reassign their\nownership, and revoke any privileges the role has been granted on other objects.\n\nTo delete a user, use the following command: \n\n DROP ROLE \u003cvar translate=\"no\"\u003e\u003cspan class=\"devsite-syntax-n\"\u003eUSERNAME\u003c/span\u003e\u003c/var\u003e;"]]